SHARE
TWEET

Untitled

a guest Nov 8th, 2019 105 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. each file for the downloader ends in a signature
  2. signatures can be found by the hex string
  3. 01000000 00000000 00000000 00000000
  4. followed by high-entropy bytes (basically no zeroes, no readable text or repeated values nearby)
  5.  
  6. 0x0 ... 0x2000 -> whatever, BL1
  7. 0x2000 ... 0x15000 -> second image (encrypted TZ/EL3?)
  8. 0x15000 ... 0x64000 -> ACPM and other stuff
  9. 0x7D000 ... 1FD000 -> BL2, the actual s-boot
  10.  
  11. There are actually multiple images starting from 0x15000
  12. but there is only one signature at the end.
  13.  
  14. 0x15000 ... 0x30c00 -> XXX
  15. 0x30C00 ... 0x7d000 -> YYY
  16.     One of XXX and YYY is unknown and one is:
  17.     ACPM (Power controller) firmware, unsigned?
  18.  
  19.  
  20.  
  21. dd if=sboot.bin of=part1.bin bs=$((0x2000)) count=1
  22. dd if=sboot.bin of=part2.bin bs=1 skip=$((0x2000)) count=$((0x15000-0x2000))
  23. dd if=sboot.bin of=part3.bin bs=1 skip=$((0x15000)) count=$((0x64000-0x15000))
  24. dd if=sboot.bin of=part4.bin bs=1 skip=$((0x7d000)) count=$((0x1fd000-0x7d000))
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top